{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2024:CRII4LV4WUR2HLMVKOHM7SYOXO","short_pith_number":"pith:CRII4LV4","canonical_record":{"source":{"id":"2404.08144","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2024-04-11T22:07:19Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"b3a7eb43bd4e681417531217cced639bb21996913335a7be29c1168967c78954","abstract_canon_sha256":"dd74ec1e69c65e7917805bbb5956b956c7051bb64500628c0b989d5ba2e07099"},"schema_version":"1.0"},"canonical_sha256":"14508e2ebcb523a3ad95538ecfcb0ebbab27acea287827176893280fce7d5045","source":{"kind":"arxiv","id":"2404.08144","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"2404.08144","created_at":"2026-05-18T04:13:04Z"},{"alias_kind":"arxiv_version","alias_value":"2404.08144v2","created_at":"2026-05-18T04:13:04Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2404.08144","created_at":"2026-05-18T04:13:04Z"},{"alias_kind":"pith_short_12","alias_value":"CRII4LV4WUR2","created_at":"2026-05-18T12:33:37Z"},{"alias_kind":"pith_short_16","alias_value":"CRII4LV4WUR2HLMV","created_at":"2026-05-18T12:33:37Z"},{"alias_kind":"pith_short_8","alias_value":"CRII4LV4","created_at":"2026-05-18T12:33:37Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2024:CRII4LV4WUR2HLMVKOHM7SYOXO","target":"record","payload":{"canonical_record":{"source":{"id":"2404.08144","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2024-04-11T22:07:19Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"b3a7eb43bd4e681417531217cced639bb21996913335a7be29c1168967c78954","abstract_canon_sha256":"dd74ec1e69c65e7917805bbb5956b956c7051bb64500628c0b989d5ba2e07099"},"schema_version":"1.0"},"canonical_sha256":"14508e2ebcb523a3ad95538ecfcb0ebbab27acea287827176893280fce7d5045","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T04:13:04.421006Z","signature_b64":"8i6bifsL5QwA9ZmiHrtpfRI2t7EXxuTbNYbVQdzWLS5AMzUkVOjDVm1xgOBChxv7Pax8cuHH2giq6agQR8geAQ==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"14508e2ebcb523a3ad95538ecfcb0ebbab27acea287827176893280fce7d5045","last_reissued_at":"2026-05-18T04:13:04.420381Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T04:13:04.420381Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"2404.08144","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T04:13:04Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"+sPANDd6lujPvCoomnJkpCA1CayiK1eJ0G647f9VbfWHgyeDjaL/ZviLArUIyXP+R1mvQkpsITLB4CsS3K+1Dw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-08T01:22:43.571548Z"},"content_sha256":"5c2ea13ff7f5b9a097131c81e76c170163f481e119272f3dddb6dfa2aa0814d1","schema_version":"1.0","event_id":"sha256:5c2ea13ff7f5b9a097131c81e76c170163f481e119272f3dddb6dfa2aa0814d1"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2024:CRII4LV4WUR2HLMVKOHM7SYOXO","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"LLM Agents can Autonomously Exploit One-day Vulnerabilities","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.AI"],"primary_cat":"cs.CR","authors_text":"Akul Gupta, Daniel Kang, Richard Fang, Rohan Bindu","submitted_at":"2024-04-11T22:07:19Z","abstract_excerpt":"LLMs have becoming increasingly powerful, both in their benign and malicious uses. With the increase in capabilities, researchers have been increasingly interested in their ability to exploit cybersecurity vulnerabilities. In particular, recent work has conducted preliminary studies on the ability of LLM agents to autonomously hack websites. However, these studies are limited to simple vulnerabilities.\n  In this work, we show that LLM agents can autonomously exploit one-day vulnerabilities in real-world systems. To show this, we collected a dataset of 15 one-day vulnerabilities that include on"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2404.08144","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T04:13:04Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"SiBEPTCtHXFZgC5GFHw39hVhmTPrO0D4IgHnaMuovcjLqS0LF0avv8x5+bxigFGoAuSd7+TQypsCQu4BzcA2Dg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-08T01:22:43.572158Z"},"content_sha256":"fefd518f775f33c592cd4bd44260f5a6b6300d8ab0f95da4947f2e7a00f26e94","schema_version":"1.0","event_id":"sha256:fefd518f775f33c592cd4bd44260f5a6b6300d8ab0f95da4947f2e7a00f26e94"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/CRII4LV4WUR2HLMVKOHM7SYOXO/bundle.json","state_url":"https://pith.science/pith/CRII4LV4WUR2HLMVKOHM7SYOXO/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/CRII4LV4WUR2HLMVKOHM7SYOXO/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-08T01:22:43Z","links":{"resolver":"https://pith.science/pith/CRII4LV4WUR2HLMVKOHM7SYOXO","bundle":"https://pith.science/pith/CRII4LV4WUR2HLMVKOHM7SYOXO/bundle.json","state":"https://pith.science/pith/CRII4LV4WUR2HLMVKOHM7SYOXO/state.json","well_known_bundle":"https://pith.science/.well-known/pith/CRII4LV4WUR2HLMVKOHM7SYOXO/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2024:CRII4LV4WUR2HLMVKOHM7SYOXO","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"dd74ec1e69c65e7917805bbb5956b956c7051bb64500628c0b989d5ba2e07099","cross_cats_sorted":["cs.AI"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2024-04-11T22:07:19Z","title_canon_sha256":"b3a7eb43bd4e681417531217cced639bb21996913335a7be29c1168967c78954"},"schema_version":"1.0","source":{"id":"2404.08144","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"2404.08144","created_at":"2026-05-18T04:13:04Z"},{"alias_kind":"arxiv_version","alias_value":"2404.08144v2","created_at":"2026-05-18T04:13:04Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2404.08144","created_at":"2026-05-18T04:13:04Z"},{"alias_kind":"pith_short_12","alias_value":"CRII4LV4WUR2","created_at":"2026-05-18T12:33:37Z"},{"alias_kind":"pith_short_16","alias_value":"CRII4LV4WUR2HLMV","created_at":"2026-05-18T12:33:37Z"},{"alias_kind":"pith_short_8","alias_value":"CRII4LV4","created_at":"2026-05-18T12:33:37Z"}],"graph_snapshots":[{"event_id":"sha256:fefd518f775f33c592cd4bd44260f5a6b6300d8ab0f95da4947f2e7a00f26e94","target":"graph","created_at":"2026-05-18T04:13:04Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"LLMs have becoming increasingly powerful, both in their benign and malicious uses. With the increase in capabilities, researchers have been increasingly interested in their ability to exploit cybersecurity vulnerabilities. In particular, recent work has conducted preliminary studies on the ability of LLM agents to autonomously hack websites. However, these studies are limited to simple vulnerabilities.\n  In this work, we show that LLM agents can autonomously exploit one-day vulnerabilities in real-world systems. To show this, we collected a dataset of 15 one-day vulnerabilities that include on","authors_text":"Akul Gupta, Daniel Kang, Richard Fang, Rohan Bindu","cross_cats":["cs.AI"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2024-04-11T22:07:19Z","title":"LLM Agents can Autonomously Exploit One-day Vulnerabilities"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2404.08144","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:5c2ea13ff7f5b9a097131c81e76c170163f481e119272f3dddb6dfa2aa0814d1","target":"record","created_at":"2026-05-18T04:13:04Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"dd74ec1e69c65e7917805bbb5956b956c7051bb64500628c0b989d5ba2e07099","cross_cats_sorted":["cs.AI"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2024-04-11T22:07:19Z","title_canon_sha256":"b3a7eb43bd4e681417531217cced639bb21996913335a7be29c1168967c78954"},"schema_version":"1.0","source":{"id":"2404.08144","kind":"arxiv","version":2}},"canonical_sha256":"14508e2ebcb523a3ad95538ecfcb0ebbab27acea287827176893280fce7d5045","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"14508e2ebcb523a3ad95538ecfcb0ebbab27acea287827176893280fce7d5045","first_computed_at":"2026-05-18T04:13:04.420381Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T04:13:04.420381Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"8i6bifsL5QwA9ZmiHrtpfRI2t7EXxuTbNYbVQdzWLS5AMzUkVOjDVm1xgOBChxv7Pax8cuHH2giq6agQR8geAQ==","signature_status":"signed_v1","signed_at":"2026-05-18T04:13:04.421006Z","signed_message":"canonical_sha256_bytes"},"source_id":"2404.08144","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:5c2ea13ff7f5b9a097131c81e76c170163f481e119272f3dddb6dfa2aa0814d1","sha256:fefd518f775f33c592cd4bd44260f5a6b6300d8ab0f95da4947f2e7a00f26e94"],"state_sha256":"c5aabc047e4c8aa5c460d0747599cda2cc311f3bcaaec7bea6361f16c2abfe2b"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"oW4FNN0nQpfiWr1qpdYaLf0mn/Go5xrjBTF1feM6ndvlRT3rxOhVaNhIPDquHMiUHmCwvr+iMrrz4AkJC2CuCw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-08T01:22:43.575942Z","bundle_sha256":"8508b9dbb25fbc7c7541240375b48aa90cac5c62a006788cb491a69977a53b39"}}